Hi, 2009/6/11 MontyRee <chulmin2 at hotmail.com>: > Is there any way or option that only listen 127.0.0.1? I don't think so. NTP is an UDP protocol, and its packets have both source and destination port 123, so the machine that is using NTP to set its own clock (NTP "client") needs to listen on port 123 UDP to receive the replies from the NTP "server". > for security reason? Look into the "restrict" commands in ntp.conf to implement security policies on NTP. You can find information on how it works on "man ntp_acc". If you use a fixed list of NTP servers that have fixed IPs, you can also use iptables to block access to port 123 UDP to all except those hosts. HTH, Filipe